Just so we're clear, we're talking about a virtual coin flip here, right? Anything else would require trust. Even if you tried to use an API that checked the scores of a sporting event.
It's more like a two-party roll of a die with a practically infinite number of faces. If both rolls sum even, Alice wins. Otherwise, Bob wins.
Alice and Bob commit to their rolls by hashing them then making a future spend contingent on revealing the roll that produced the hash.
The trick is how to reveal both rolls without giving an advantage to the one who reveals second. This is the problem the protocol solves - through transaction setup and the newly-activated Script opcodes.
>It's more like a two-party roll of a die with a practically infinite number of faces. If both rolls sum even, Alice wins. Otherwise, Bob wins.
What you are describing is a coin flipping protocol [0].
From the article:
>To my knowledge this is the first time someone has proposed such a scheme on Bitcoin though I suppose it's possible it has come up before and I just missed it.
There have been coin flipping protocols for Bitcoin since at least 2013-2014 [1]. The main contribution of the above post appears to be that they actually performed the protocol which is neat and quite a bit of work.
Thanks for sharing that. Didn't know someone else had done it before. Nitpicking a little in that with that scheme the losers could attempt a double spend, but for 2014 it's still pretty cool.
Also a very clever hack to get around the scripting limitations by using the length of the secret instead of the actual secret itself.
All your graph says is that those coins are less valuable in terms of USD.
Transaction costs are specified by the protocol in satoshis, which is the base unit of Bitcoin. How much you can buy for one satoshi only depends on what people want to pay for it. We call this the coin value.
A coin without value is free to transact with. Run your applications on testnet if there are no other considerations.
The example is a coin flip but it could be any random based game by using a different algorithm than "number mod 2". You're correct that it can't act on real world data.
More specifically xor 2 initially hidden integers and mod X + 1 gives you a random number from 1 to X.
PS: Adding numbers mod X will provide a fair random number as long as at least one side provides a fair random number to start with. Which is a stronger guarantee if your making a real money wager.
Chess doesn't have any random element so it wouldn't need this kind of system. You could implement card games and board games that do have randomness like candyland.
You could implement chess with only movement commitments and no atomic fair random number generation.
It relies on the parties to take an action (that they are both incentivized to take in order to see if they won). This is similar to atomic swaps - they setup a time boxed window when people must take an action. If one of the parties fails to act in time, they will, in fact, lose their coins.
Can I get a supporter of BTC/BCH explain to me why it makes sense to do this on those blockchains rather than on a blockchain with actual Turing completeness, such as Ethereum?
There have been some other answers, but I’ll add first, people may just want to bet BCH - if it’s possible to do, even with a limited instruction set, why not figure it out? Second, turing completeness is not a panacea, and as we’ve seen now several times, the expressiveness of Eth’s VM actually opens it up to more bugs.
BCH has less users than ETH. I think the interest is that transactions in BCH are very low, and there are talks about enabling some 0-fee transactions:
An important difference between BCH and ETH is that ETH has a lot of opcodes, but BCH is slowly enabling some of the opcodes that were created by Satoshi but later disabled.
because in bcash land they can convince the miners to include tx's with 1 satoshi fee, so they can bloat their chain with all kinds of junk like yours.org Good luck doing that in ethereum land.
Your "'wrong' is wrong" is wrong. Yo can verify transaction history with an SPV wallet.
A full node won't help you against an eclipse attack. And also not against a sustained 51% attack since miners can mine empty blocks on the minority chain, halting it.
A full node is good for increasing your privacy, disguising what addresses you're watching, but that's all.
The interesting thing about this is that all the logic happens onchain. This is why OP mentions that this is the first truly decentralized bet of this kind, because everything is happening on top of the Bcash decentralized protocol.
TL;DR: A very simple smart contract running on the Bcash network.
Eh, I think this belongs here. Heavy moderation is probably good to prevent the BTC/BCH flame wars you'll see on other forums, but the technical differences being introduced between the chains (such as OP_CODES here) are actually very interesting I think.
>Please don't impute astroturfing or shillage. That degrades discussion and is usually mistaken. If you're worried about it, email us and we'll look at the data.
>Please don't complain that a submission is inappropriate. If a story is spam or off-topic, flag it. Don't feed egregious comments by replying; flag them instead. If you flag something, please don't also comment that you did.
>Please don't comment about the voting on comments. It never does any good, and it makes boring reading.
Because as I see it you're saying enabling OP_CODES is a bad thing. You may be right, but you didn't use a very good argument.
You used an 'Appeal to authority' to show OP_CODES are bad then you implied no testing was done by the BCH guys without providing any evidence of such.
